a859c87455
add auth middleware test
2026-05-19 19:53:54 +03:00
c5916ad409
Merge branch 'fix/frontend-cors'
2026-05-18 22:26:19 +03:00
4df8573b1c
add frontend cors config
2026-05-18 22:19:57 +03:00
f9f253d04f
test production cors preflight
2026-05-18 22:18:54 +03:00
4702758984
Merge branch 'copy-user-auth-from-ysv'
2026-05-18 22:14:25 +03:00
883f83814c
fix backend process compose
2026-05-18 22:13:29 +03:00
383a8a0fbd
add idempotent logout for missing token test
2026-05-18 22:06:46 +03:00
7c996ade74
add timestamp and persistence assertions for create session
2026-05-18 22:06:38 +03:00
1c5d09f09c
add empty string tests for authenticate
2026-05-18 22:06:26 +03:00
64acbfad60
extract auth test fakes
2026-05-18 22:01:45 +03:00
ae07a6ff7c
remove web from routing
2026-05-18 21:46:50 +03:00
410b752183
add unit tests for user and auth
2026-05-18 21:36:10 +03:00
613180d459
copy user entity and auth from ysv
2026-05-18 21:32:55 +03:00
9d5bfc33a6
laravel init
2026-05-18 21:24:18 +03:00
f6a33cf620
delete backend, starting over
2026-05-18 21:18:20 +03:00
babf9eb855
Merge branch 'feature/eloquent-user-repo'
2026-05-18 09:38:39 +03:00
c5875507ca
ignore postgres folder
2026-05-17 22:12:08 +03:00
651fc885a7
fix php router script and api url for e2e login
2026-05-17 22:10:33 +03:00
89b63cb9e9
wire postgres session repo, migrations, seed, and dev serve
2026-05-17 22:01:27 +03:00
02effe761a
add failing e2e test for successful login
2026-05-17 22:01:23 +03:00
d99d893394
add postgres user repository
2026-05-17 21:50:47 +03:00
6fbc1fb4f5
add user migration
2026-05-17 21:50:24 +03:00
50814ffd60
wire eloquent capsule
2026-05-17 21:49:42 +03:00
2e1c9282c5
add env config template
2026-05-17 21:49:18 +03:00
0fe013f265
add illuminate/database and phpdotenv
2026-05-17 21:49:08 +03:00
e8e7cf9ea9
add admin login page at /login
2026-05-17 10:40:03 +03:00
f0da523ae4
add failing e2e test for admin login page
2026-05-17 10:37:35 +03:00
73f24e7132
Merge branch 'feature/process-compose'
2026-05-17 10:33:21 +03:00
033bb99da3
add process-compose file for backend and frontend
2026-05-17 10:33:09 +03:00
e8ab361bc6
Merge branch 'feature/user-auth-middleware'
2026-05-17 10:12:10 +03:00
097ce118dd
refactor: drop unused domain property from email address
2026-05-17 10:11:33 +03:00
e2b69632f6
refactor: remove redundant guard from logout controller
...
The guard is now in the Logout use case. Controller just passes the raw cookie value through.
2026-05-17 10:09:42 +03:00
c6306af73b
implement: move null/empty token guard into logout use case
...
Green phase: execute() accepts ?string, returns early for null or empty string, otherwise delegates to repository.
2026-05-17 10:09:31 +03:00
f2bc33592d
test: add null and empty token cases to logout test
...
Red phase: Logout should handle null and empty string tokens gracefully without throwing. Currently null causes TypeError.
2026-05-17 10:09:20 +03:00
a681d93f5d
fix: use stub instead of mock for unused handler
...
PHPUnit 13 warns about mock objects with no expectations. createStub() avoids the notice since the handler is never called in the expired-session test.
2026-05-17 10:06:35 +03:00
722c5303df
refactor: remove unused response param from controller methods
2026-05-17 10:04:15 +03:00
9661452c75
refactor: extract error response helper and slim json response
...
Replace multiple catch blocks with single catch(Throwable) funneled through errorResponse() matching the CompanyController pattern. Also clean jsonResponse to accept data+status only, instantiating Response internally.
2026-05-17 09:59:32 +03:00
8a9b35abd3
chore: add phpunit cache to gitignore
2026-05-17 09:45:27 +03:00
ee098ac0b5
revert accidental frontend assets and cache
...
git add -A picked up unrelated frontend screenshots and phpunit cache. Remove them from tracking.
2026-05-17 09:45:27 +03:00
56ddba707d
format: fix psr12 style issues
...
phpcbf auto-fixes: string concatenation spacing, single-line class braces, closing brace placement.
2026-05-17 09:45:26 +03:00
9703f82788
add domain layer, config, and entry point
...
Domain: User, Session, EmailAddress, DTOs, repositories, services (PasswordHasher, TokenGenerator, Clock). Config: PHP-DI container definitions and Slim routes. Entry point: public/index.php with slim-bridge.
2026-05-17 09:45:26 +03:00
e54197f8a5
implement auth controller
...
Green phase: AuthController handles login (authenticate + create session + set cookie), logout (delete session + clear cookie), and me (return user from request attribute).
2026-05-17 09:45:25 +03:00
21dca993cd
test: add failing auth controller test
...
Red phase: AuthControllerTest covers login with valid credentials (returns user+cookie), missing email (400), invalid credentials (401), logout (clears cookie, 204), and me (returns user from attribute).
2026-05-17 09:45:25 +03:00
b581e80413
implement auth middleware
...
Green phase: PSR-15 AuthMiddleware checks auth_token cookie, looks up session, validates expiry, sets user attribute on request or returns 401.
2026-05-17 09:45:25 +03:00
db01bfdc2e
test: add failing auth middleware test
...
Red phase: AuthMiddlewareTest covers valid cookie, missing cookie, empty cookie, unknown token, expired session, and expired session deletion.
2026-05-17 09:45:24 +03:00
58772d66c1
implement logout use case
...
Green phase: Logout calls deleteByToken on SessionRepository. No-op for non-existent tokens.
2026-05-17 09:45:24 +03:00
ceb392fc8d
test: add failing logout test
...
Red phase: LogoutTest covers deleting existing session and no-op for unknown token.
2026-05-17 09:45:24 +03:00
d490260807
implement create session use case
...
Green phase: CreateSession generates a token, creates a session with 7-day expiry, and persists it via SessionRepository.
2026-05-17 09:45:23 +03:00
a78d429f0b
test: add failing create session test
...
Red phase: CreateSessionTest covers token, user, createdAt, 7-day expiry, persistence, and fresh instance.
2026-05-17 09:45:23 +03:00
b14cd565bb
implement authenticate user use case
...
Green phase: AuthenticateUser validates credentials, throws BadRequestException for empty fields, UnauthorizedException for unknown email or wrong password.
2026-05-17 09:45:23 +03:00
